Greetings,
This message has been automatically generated in response to the
creation of a support ticket call:
"Open DNS Resolver at tracsvn.osgeo.osuosl.org (140.211.15.71)",
a summary of which appears below.
There is no need to reply to this message right now. Your ticket has been
assigned an ID of [support.osuosl.org #30012]. Please include this string
in the subject line of all future correspondence about this issue. You may
also catch us on irc (irc.freenode.net) in #osuosl.
Thank you.
support@osuosl.org
-------------------------------------------------------------------------
Hello OSGeo,
We at the OSL have received a report indicating your project is running an open
DNS resolver at tracsvn.osgeo.osuosl.org (140.211.15.71).
Here's a copy of the report:
On Mon Mar 26 07:43:08 2018, abuse@nero.net wrote:
Report: openresolvers
Open DNS resolvers are used to generate an increasing number of
extremely large DDoS attacks, without any need for infected hosts to
participate. These resolvers may not be compromised, but are open to
abuse by others and pose a threat to the global network infrastructure.
Even if your DNS resolver is not performing recursive queries on behalf
of non-customer clients, it can still be abused to participate in a
DDoS. We strongly encourage you to filter these queries or configure
your DNS resolver to either refuse or rate-limit its responses.* http://openresolverproject.org/
* https://www.dns-oarc.net/oarc/articles/upward-referrals-considered-harmfulevent | ip | timestamp | details
------------------+------------------+---------------------+------------------
openresolvers | 140.211.15.71 | 2018-03-24 21:52:07 | responding ip= RCODE=0
recursion available=1
------------------+------------------+---------------------+------------------
Information about securing open resolvers is available in links in the report.
Could you please remedy this?
I'm unsure if I can post to sac@lists.osgeo.org, so I also added an address
from past correspondence in our ticketing system.
Thanks!